UpdateSMBSecurityStrategy - Storage Gateway

UpdateSMBSecurityStrategy

Updates the SMB security strategy level for an Amazon S3 file gateway. This action is only supported for Amazon S3 file gateways.

Note

For information about configuring this setting using the AWS console, see Setting a security level for your gateway in the Amazon S3 File Gateway User Guide.

A higher security strategy level can affect performance of the gateway.

Request Syntax

{ "GatewayARN": "string", "SMBSecurityStrategy": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

GatewayARN

The Amazon Resource Name (ARN) of the gateway. Use the ListGateways operation to return a list of gateways for your account and AWS Region.

Type: String

Length Constraints: Minimum length of 50. Maximum length of 500.

Required: Yes

SMBSecurityStrategy

Specifies the type of security strategy.

ClientSpecified: If you choose this option, requests are established based on what is negotiated by the client. This option is recommended when you want to maximize compatibility across different clients in your environment. Supported only for S3 File Gateway.

MandatorySigning: If you choose this option, File Gateway only allows connections from SMBv2 or SMBv3 clients that have signing enabled. This option works with SMB clients on Microsoft Windows Vista, Windows Server 2008 or newer.

MandatoryEncryption: If you choose this option, File Gateway only allows connections from SMBv3 clients that have encryption enabled. This option is recommended for environments that handle sensitive data. This option works with SMB clients on Microsoft Windows 8, Windows Server 2012 or newer.

MandatoryEncryptionNoAes128: If you choose this option, File Gateway only allows connections from SMBv3 clients that use 256-bit AES encryption algorithms. 128-bit algorithms are not allowed. This option is recommended for environments that handle sensitive data. It works with SMB clients on Microsoft Windows 8, Windows Server 2012, or later.

Type: String

Valid Values: ClientSpecified | MandatorySigning | MandatoryEncryption | MandatoryEncryptionNoAes128

Required: Yes

Response Syntax

{ "GatewayARN": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

GatewayARN

The Amazon Resource Name (ARN) of the gateway. Use the ListGateways operation to return a list of gateways for your account and AWS Region.

Type: String

Length Constraints: Minimum length of 50. Maximum length of 500.

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerError

An internal server error has occurred during the request. For more information, see the error and message fields.

HTTP Status Code: 400

InvalidGatewayRequestException

An exception occurred because an invalid gateway request was issued to the service. For more information, see the error and message fields.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: